funda-data

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs the agent to call Funda AI endpoints that return untrusted, public user-generated content—e.g., /v1/twitter-posts, /v1/reddit-posts and /v1/reddit-comments, /v1/polymarket/*, /v1/news, and /v1/transcripts—as shown in SKILL.md and the references, and the agent is required to read and use that content as part of its workflow, which could allow indirect prompt injection.